<?php

if(stristr($_SERVER['PHP_SELF'],".inc.php")) { 
	header("Location:index.php"); 
	exit; 
}

if($_POST['useradd']) {
	unset($_errors); 
	//if($_pw == $User['password']) {
		if(!$_POST['username']) {
			$_errors .= $Lang['errBlankFields'] . "<br />\n";
		}
		
		if(!$_POST['realname']) { $realname = stripslashes(strip_tags($_POST['username'])); } 
		else { $realname =stripslashes(strip_tags($_POST['realname'])); }
	
		if(!$_POST['password']) { $_errors = "*Password cannot be set to blank!"; }
		elseif(strlen($_POST['password']) < 6) { $_errors = "*Password must be at least 5 characters!"; } 
		else { $password = stripslashes(strip_tags($_POST['username'])); }
		
		if(!$_errors) {
			$username = stripslashes(strip_tags($_POST['username'])); 
			$email = stripslashes(strip_tags($_POST['email'])); 
			if($_POST['perms'] != 1) { $perms=0; }
			$hash = make_hash('29');
			if(!$hash) { $hash = rand(10000000000000000000000000000,99999999999999999999999999999); }
			$id = new_user($username,$password,$realname,$email,$perms,"1",$hash);  
			unset($goto); 
			$goto = $self."?op=users&message=success"; 
			header("Location: ".$goto);
			exit; 
		} else { 
			unset($goto); 
			$goto = $self."?op=users&message=".$_errors; 
			header("Location: ".$goto); 
		}
	//} else {
		//unset($goto); 
		//$goto = $self."?op=users&subop=add&m=X";
		//header("Location: ".$goto);
		//exit; 
	//}
	
} elseif($_POST['userdel']) {

} elseif($_POST['usermod']) {

} elseif($subop == "add") { 
	
	echo "<form action=\"".$self."?\" method=\"post\" name=\"myform\" style=\"padding-bottom:0px;\">
	<fieldset style=\"width:500px;margin-left:auto;margin-right:auto;text-align:left;\">
		<legend>Account Details</legend>
		<input type=\"hidden\" name=\"op\" value=\"users\" />
		Username: <br />
		<input type=\"text\" name=\"username\" size=\"50\" /><br />
		Real Name: <br />
		<input type=\"text\" name=\"realname\" size=\"50\" /><br />
		Email: <br />
		<input type=\"text\" name=\"email\" size=\"50\" /><br />
		Password: <br />
		<input type=\"text\" name=\"password\" size=\"50\" /><br />
		Permissions: <br />
			<select name=\"\">
				<option value=\"0\">Editor</option>
				<option value=\"1\">Administrator</option>
			</select>	
	</fieldset>
	<br />	
	<br />
	<button type=\"submit\" name=\"useradd\" value=\"1\" class=\"button\" />Submit</button>&nbsp;&nbsp;
	<input type=\"button\" name=\"cancel\" class=\"button\" value=\"".ucwords($Lang['noCancel'])."\" onclick=\"location.href='?'\" />&nbsp;&nbsp;
	<br />
	</form>";	
	
} elseif($subop == "del") {

} elseif($subop == "off") {

} elseif($subop == "mod") {

} else { 
	
	if($_errors) { echo "<div class=\"message\">".$_errors."</div><br />\m"; }
	if($_GET['message'] && $_GET['message'] == "success") { echo "<div class=\"message\">Operation completed successfully!</div><br />\n"; }
	echo "<fieldset style=\"width:500px;margin-left:auto;margin-right:auto;text-align:left;\">
		<legend>Admin &gt; User Operations</legend>
			<a href=\"".$self."?op=users&subop=add\">Add a New User</a><br />
			<a href=\"".$self."?op=users&subop=mod\">Modify a User</a><br />
			<a href=\"".$self."?op=users&subop=off\">Deactivate a User</a><br />
			<a href=\"".$self."?op=users&subop=del\">Remove a User</a><br />		
	</fieldset>";	
}
?>